oss-sec mailing list archives
Re: Re: "who shouldn't be on-list"
From: Vincent Danen <vdanen () linsec ca>
Date: Fri, 4 Apr 2008 23:12:33 -0600
* [2008-04-04 13:46:11 -0800] Jonathan Smith wrote:
security curmudgeon wrote: | As a new subscriber who did not see specific mention of the desired list | population, could you clarify who you feel the list is for, or who should | not be on it? As I see it, the list is for members of the open-source community. Thus, to be admitted to the list, you either have to demonstrate that you're a developer of a (at least marginally notable) open source project, that you're a vendor who redistributes oss, or that you're a security researcher who audits or otherwise interacts with oss. This is, of course, only my opinion and may not reflect the rest of the group's ideas.
I think this is a good definition. Bottom-line would be that this isn't a list for end-users. End-users or sysadmins, whatever, could be read-only subscribers... heck, that's no different than reading web archives. But to be a "member" of the list, with posting priveleges, I think you need to be someone who can demonstrate an active role with some OSS -- this does not mean you need to be on a vendor security team, or the apache/samba/whatever security contact. You could be a grunt developer who has an interest in security-related stuff (perhaps good programming techniques, etc.) and as long as you're a member or developer of some OSS with a reasonable exposure, then I think you can have a voice on the list if you like. Honestly, I think a lot of people will be lurkers... so for them they never need to progress beyond read-only subscriber. It's the people who are interested in security (be it re-active or pro-active) that will want to be "members" of the list. Now, having said that, I think the ml subscription can be a lot more open than wiki editing rights (which is a whole different ball of wax). -- Vincent Danen @ http://linsec.ca/
Attachment:
_bin
Description:
Current thread:
- Re: list: members vs. read-only subscribers, (continued)
- Re: list: members vs. read-only subscribers Vincent Danen (Apr 09)
- Re: announcing oCERT & oss-security to Bugtraq & f-d Solar Designer (Apr 08)
- Re: announcing oCERT & oss-security to Bugtraq & f-d Andrea Barisani (Apr 08)
- Re: announcing oCERT & oss-security to Bugtraq & f-d Josh Bressers (Apr 08)
- Re: announcing oCERT & oss-security to Bugtraq & f-d Andrea Barisani (Apr 08)
- Re: announcing oCERT & oss-security to Bugtraq & f-d Solar Designer (Apr 08)
- Re: announcing oCERT & oss-security to Bugtraq & f-d Vincent Danen (Apr 04)
- Re: Re: "who shouldn't be on-list" Jonathan Smith (Apr 04)
- Re: Re: "who shouldn't be on-list" Vincent Danen (Apr 04)